Implied rules

Hello All,

I'm looking for some help with the following: at the moment I see lots of external traffic being allowed by an implied rule on port TCP 4500. In SmartView Tracker the only info I have is the source external IP to our external firewalls over port TCP 4500, and I'm not sure what service is using this port. My first thought was VPN, but my understanding is that IKE uses port UDP or TCP 500 and NAT-T uses port UDP 4500.

There is no indication of what would be allowing this traffic, as the only info I have is Accept 0-Implied rules. I just double-checked the implied rules but cannot see anything allowing port TCP 4500 (screenshot attached).

Re: Implied rules

Thank you for your prompt answer.

I checked that document previously. The question is about implied rules, and we don't seem to have any implied rule to allow traffic on port TCP 4500, but we can see external IPs scanning our network, and traffic over that port is being allowed.